aws_sdk 3.1.5

data/lib/aws/iam/access_key.rb

@@ -0,0 +1,180 @@
+# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+module AWS
+  class IAM
+
+    # @attr_reader [Symbol] status The status of this access key.
+    #   Status may be +:active+ or +:inactive+.
+    #
+    class AccessKey < Resource
+      
+      # @param [String] access_key_id The id of this access key.
+      # @param [Hash] options
+      # @option [String] :user The IAM user this access key belongs to.
+      #   If +:user+ is omitted then this access key belongs to the
+      #   AWS account.
+      def initialize access_key_id, options = {}
+        @id = access_key_id
+        options[:secret_value] = nil unless options.has_key?(:secret_value)
+        @user = options[:user]
+        @user ? super(@user, options) : super(options)
+      end
+
+      # @return [User,nil] Returns the user this access key belongs to.
+      #   Returns +nil+ if this access key belongs to the AWS account and not
+      #   a specific user.
+      attr_reader :user
+
+      # @return [String] Returns the access key id.
+      attr_reader :id
+
+      alias_method :access_key_id, :id
+
+      attribute :secret_value, :as => :secret_access_key, :static => true
+
+      protected :secret_value
+
+      mutable_attribute :status, :to_sym => true
+
+      protected :status=
+
+      populates_from(:create_access_key) do |resp|
+        resp.access_key if matches_response_object?(resp.access_key)
+      end
+
+      populates_from(:list_access_keys) do |resp|
+        resp.access_key_metadata.find {|k| matches_response_object?(k) }
+      end
+
+      # Returns the secret access key.
+      #
+      # You can only access the secret for newly created access 
+      # keys.  Calling +secret+ on existing access keys raises an error.
+      #
+      # @example Getting the secret from a newly created access key
+      #
+      #   access_key = iam.access_keys.create
+      #   access_key.secret
+      #   #=> 'SECRET_ACCESS_KEY'
+      #
+      # @example Failing to get the secret from an existing access key.
+      #
+      #   access_key = iam.access_keys.first
+      #   access_key.secret
+      #   #=> raises a runtime error
+      #
+      # @return [String] Returns the secret access key.  
+      def secret
+        secret_value or raise 'secret is only available for new access keys'
+      end
+
+      alias_method :secret_access_key, :secret
+
+      # @return [String,nil] Returns the name of the user this access key
+      #   belogns to.  If the access key belongs to the account, +nil+ is
+      #   returned.
+      def user_name
+        @user ? @user.name : nil
+      end
+
+      # @return [Boolean] Returns true if this access key is active.
+      def active?
+        status == :active
+      end
+
+      # @return [Boolean] Returns true if this access key is inactive.
+      def inactive?
+        status == :inactive
+      end
+
+      # Activates this access key.
+      #
+      # @example
+      #   access_key.activate!
+      #   access_key.status
+      #   # => :active
+      #
+      # @return [nil]
+      def activate!
+        self.status = 'Active'
+        nil
+      end
+
+      # Deactivates this access key.
+      #
+      # @example
+      #   access_key.deactivate!
+      #   access_key.status
+      #   # => :inactive
+      #
+      # @return [nil]
+      # @return [nil]
+      def deactivate!
+        self.status = 'Inactive'
+        nil
+      end
+
+      # Deletes the access key.
+      def delete
+        client.delete_access_key(resource_options)
+        nil
+      end
+
+      # Returns a hash that should be saved somewhere safe.  
+      #
+      #   access_keys = iam.access_keys.create
+      #   access_keys.credentials
+      #   #=> { :access_key_id => '...', :secret_access_key => '...' }
+      #
+      # You can also use these credentials to make requests:
+      #
+      #   s3 = AWS::S3.new(access_keys.credentials)
+      #   s3.buckets.create('newbucket')
+      #
+      # @return [Hash] Returns a hash with the access key id and
+      #   secret access key. 
+      def credentials
+        { :access_key_id => id, :secret_access_key => secret }
+      end
+
+      # @private
+      protected
+      def resource_identifiers
+        identifiers = []
+        identifiers << [:access_key_id, id]
+        identifiers << [:user_name, user.name] if user
+        identifiers
+      end
+
+      # IAM does not provide a request for "get access keys".
+      # Also note, we do not page the response. This is because 
+      # restrictions on how many access keys an account / user may 
+      # have is fewer than one page of results.
+      # @private
+      protected
+      def get_resource attribute
+        options = user ? { :user_name => user.name } : {}
+        client.list_access_keys(options)
+      end
+
+      # @private
+      protected
+      def matches_response_object? obj
+        user_name = obj.respond_to?(:user_name) ? obj.user_name : nil
+        obj.access_key_id == self.id and user_name == self.user_name
+      end
+
+    end
+  end
+end

data/lib/aws/iam/access_key_collection.rb

@@ -0,0 +1,128 @@
+# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+module AWS
+  class IAM
+
+    # Both AWS accounts and IAM users can have access keys (maximum of 2).
+    # You can create new keys so that you can rotate out your old keys.
+    # You can create, delete, activate and deactivate access keys.
+    #
+    # == Create New Access Keys
+    #
+    #   # for the aws account
+    #   access_keys = iam.access_keys.create
+    #
+    #   # for an iam user
+    #   user_access_keys = iam.users['johndoe'].access_keys.create
+    #  
+    # == Secret
+    #
+    # Make sure after creating an access to retrieve the secret access key
+    # and save it somewhere safe.
+    #
+    #   access_keys = iam.access_keys.create   
+    #   secret = access_keys.secret
+    #
+    # If you try to access the secret on an access key that was not newly
+    # created an error will be raised.  AWS will only give the secret for
+    # a newly created access key:
+    #
+    #   access_keys = iam.access_keys.first
+    #   access_keys.secret
+    #   #=> oops, raises a runtime error
+    #
+    class AccessKeyCollection
+
+      include Collection
+
+      # @param [Hash] options
+      # @option options [User] :user If present, this collection will only
+      #   represent the access keys for the given user.
+      def initialize options = {}
+        @user = options[:user]
+        @user ? super(@user, options) : super(options)
+      end
+
+      # @return [User,nil] Returns the user these accesss keys belong to. 
+      #   If this returns +nil+ then these access keys belong to the 
+      #   AWS account.
+      attr_reader :user
+
+      def create
+
+        options = {}
+        options[:user_name] = user.name if user
+
+        resp = client.create_access_key(options)
+
+        AccessKey.new_from(:create_access_key, resp.access_key,
+          resp.access_key.access_key_id, new_options)
+        
+      end
+
+      # @param [String] access_key_id The ID of the access key.
+      # @return [AccessKey] Returns a reference to the access key with
+      #   the given +access_key_id+.
+      def [] access_key_id
+        AccessKey.new(access_key_id, new_options)
+      end
+
+      # Deletes all of the access keys from this collection.
+      # 
+      #   iam.users['someuser'].access_keys.clear
+      #
+      # @return [nil]
+      def clear
+        each{|access_key| access_key.delete }
+        nil
+      end
+
+      # Yields once for each access key.  You can limit the number of 
+      # access keys yielded using +:limit+.
+      #
+      # @param [Hash] options
+      # @option options [Integer] :limit The maximum number of access keys
+      #   to yield.
+      # @option options [Integer] :batch_size The maximum number of 
+      #   access keys received each service reqeust.
+      # @yieldparam [AccessKey] access_key 
+      # @return [nil]
+      def each options = {}, &block
+        each_options = options.dup
+        each_options[:user_name] = user.name if user
+        super(each_options, &block)
+      end
+
+      # @private
+      protected
+      def each_item response, &block
+        response.access_key_metadata.each do |item|
+
+          access_key = AccessKey.new_from(:list_access_keys, item,
+            item.access_key_id, new_options)
+
+          yield(access_key)
+
+        end
+      end
+
+      # @private
+      protected
+      def new_options
+        user ? { :user => user } : { :config => config }
+      end
+
+    end
+  end
+end

data/lib/aws/iam/account_alias_collection.rb

@@ -0,0 +1,79 @@
+# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+module AWS
+  class IAM
+
+    # @private
+    #
+    # Currently IAM exposes the account alias in a collection, as if you
+    # could create/manage multiple aliases for a single account.  However,
+    # creating a 2nd alias replaces the first, it does not add an additional
+    # alias.
+    #
+    # Because the API is modeled as a collection this class could be used
+    # to work with it, but instead we consume this by the IAM class for
+    # the following methods:
+    #
+    #   * create_account_alias
+    #   * account_alias
+    #   * remove_account_alias
+    #
+    # If IAM allows accounts to have multiple aliases, then those previous
+    # 3 methods will be deprecated and this interface will be exposed.
+    class AccountAliasCollection
+
+      include Collection
+
+      # Creates an AWS account alias.
+      #
+      #   iam.account_aliases.create('myaccountalias')
+      #
+      # For information about account alias restrictions and usage, 
+      # see http://docs.amazonwebservices.com/IAM/latest/UserGuide/index.html?AccountAlias.html.
+      #
+      # @param [String] account_alias
+      # @return [String] Returns the account_alias string that was passed.
+      def create account_alias
+        client.create_account_alias(:account_alias => account_alias)
+        account_alias
+      end
+
+      # Delete an AWS account alias.
+      #
+      #   iam.account_aliases.delete('myaccountalias')
+      #
+      # @param [String] account_alias The account alias to delete.
+      # @return [nil]
+      def delete account_alias
+        client.delete_account_alias(:account_alias => account_alias)
+        nil
+      end
+
+      # @private
+      protected
+      def request_method
+        :list_account_aliases
+      end
+
+      # @private
+      protected
+      def each_item response, &block
+        response.account_aliases.each do |account_alias|
+          yield(account_alias)
+        end
+      end
+
+    end
+  end
+end

data/lib/aws/iam/client.rb

@@ -0,0 +1,1609 @@
+# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+module AWS
+  class IAM
+
+    # Client class for AWS Identity and Access Management (IAM).
+    class Client < Core::Client
+
+      API_VERSION = '2010-05-08'
+      
+      extend Core::Client::QueryXML
+
+      # @private
+      CACHEABLE_REQUESTS = Set[
+        :get_group,
+        :get_group_policy,
+        :get_instance_profile,
+        :get_role_policy,
+        :list_groups,
+        :list_group_policies,
+        :list_groups_for_user,
+        :list_instance_profiles,
+        :list_instance_profiles_for_role,
+        :list_role_policies,
+        :list_roles,
+        :list_server_certificates,
+        :list_virtual_mfa_devices,
+      ]
+
+      ## client methods ##
+
+      # Calls the AddRoleToInstanceProfile API operation.
+      # @method add_role_to_instance_profile(options = {})
+      #
+      # === Options:
+      #
+      # * +:instance_profile_name+ - *required* - (String) Name of the instance
+      #   profile to update.
+      # * +:role_name+ - *required* - (String) Name of the role to add.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :add_role_to_instance_profile, 'AddRoleToInstanceProfile'
+
+      # Calls the AddUserToGroup API operation.
+      # @method add_user_to_group(options = {})
+      #
+      # === Options:
+      #
+      # * +:group_name+ - *required* - (String) Name of the group to update.
+      # * +:user_name+ - *required* - (String) Name of the user to add.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :add_user_to_group, 'AddUserToGroup'
+
+      # Calls the ChangePassword API operation.
+      # @method change_password(options = {})
+      #
+      # === Options:
+      #
+      # * +:old_password+ - *required* - (String)
+      # * +:new_password+ - *required* - (String)
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :change_password, 'ChangePassword'
+
+      # Calls the CreateAccessKey API operation.
+      # @method create_access_key(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - (String) The user name that the new key will belong
+      #   to.
+      #
+      # === Response Structure:
+      #
+      # * +:access_key+ - (Hash)
+      #   * +:user_name+ - (String)
+      #   * +:access_key_id+ - (String)
+      #   * +:status+ - (String)
+      #   * +:secret_access_key+ - (String)
+      #   * +:create_date+ - (Time)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :create_access_key, 'CreateAccessKey'
+
+      # Calls the CreateAccountAlias API operation.
+      # @method create_account_alias(options = {})
+      #
+      # === Options:
+      #
+      # * +:account_alias+ - *required* - (String) Name of the account alias to
+      #   create.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :create_account_alias, 'CreateAccountAlias'
+
+      # Calls the CreateGroup API operation.
+      # @method create_group(options = {})
+      #
+      # === Options:
+      #
+      # * +:path+ - (String) The path to the group. For more information about
+      #   paths, see Identifiers for IAM Entities in Using AWS Identity and
+      #   Access Management. This parameter is optional. If it is not included,
+      #   it defaults to a slash (/).
+      # * +:group_name+ - *required* - (String) Name of the group to create. Do
+      #   not include the path in this value.
+      #
+      # === Response Structure:
+      #
+      # * +:group+ - (Hash)
+      #   * +:path+ - (String)
+      #   * +:group_name+ - (String)
+      #   * +:group_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :create_group, 'CreateGroup'
+
+      # Calls the CreateInstanceProfile API operation.
+      # @method create_instance_profile(options = {})
+      #
+      # === Options:
+      #
+      # * +:instance_profile_name+ - *required* - (String) Name of the instance
+      #   profile to create.
+      # * +:path+ - (String) The path to the instance profile. For more
+      #   information about paths, see Identifiers for IAM Entities in Using
+      #   AWS Identity and Access Management. This parameter is optional. If it
+      #   is not included, it defaults to a slash (/).
+      #
+      # === Response Structure:
+      #
+      # * +:instance_profile+ - (Hash)
+      #   * +:path+ - (String)
+      #   * +:instance_profile_name+ - (String)
+      #   * +:instance_profile_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      #   * +:roles+ - (Array<Hash>)
+      #     * +:path+ - (String)
+      #     * +:role_name+ - (String)
+      #     * +:role_id+ - (String)
+      #     * +:arn+ - (String)
+      #     * +:create_date+ - (Time)
+      #     * +:assume_role_policy_document+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :create_instance_profile, 'CreateInstanceProfile'
+
+      # Calls the CreateLoginProfile API operation.
+      # @method create_login_profile(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user to create a
+      #   password for.
+      # * +:password+ - *required* - (String) The new password for the user
+      #   name.
+      #
+      # === Response Structure:
+      #
+      # * +:login_profile+ - (Hash)
+      #   * +:user_name+ - (String)
+      #   * +:create_date+ - (Time)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :create_login_profile, 'CreateLoginProfile'
+
+      # Calls the CreateRole API operation.
+      # @method create_role(options = {})
+      #
+      # === Options:
+      #
+      # * +:path+ - (String) The path to the role. For more information about
+      #   paths, see Identifiers for IAM Entities in Using AWS Identity and
+      #   Access Management. This parameter is optional. If it is not included,
+      #   it defaults to a slash (/).
+      # * +:role_name+ - *required* - (String) Name of the role to create.
+      # * +:assume_role_policy_document+ - *required* - (String) The policy
+      #   govering by who and under what conditions the role can be assumed.
+      #
+      # === Response Structure:
+      #
+      # * +:role+ - (Hash)
+      #   * +:path+ - (String)
+      #   * +:role_name+ - (String)
+      #   * +:role_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      #   * +:assume_role_policy_document+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :create_role, 'CreateRole'
+
+      # Calls the CreateUser API operation.
+      # @method create_user(options = {})
+      #
+      # === Options:
+      #
+      # * +:path+ - (String) The path for the user name. For more information
+      #   about paths, see Identifiers for IAM Entities in Using AWS Identity
+      #   and Access Management. This parameter is optional. If it is not
+      #   included, it defaults to a slash (/).
+      # * +:user_name+ - *required* - (String) Name of the user to create.
+      #
+      # === Response Structure:
+      #
+      # * +:user+ - (Hash)
+      #   * +:path+ - (String)
+      #   * +:user_name+ - (String)
+      #   * +:user_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :create_user, 'CreateUser'
+
+      # Calls the CreateVirtualMFADevice API operation.
+      # @method create_virtual_mfa_device(options = {})
+      #
+      # === Options:
+      #
+      # * +:path+ - (String) The path for the virtual MFA device. For more
+      #   information about paths, see Identifiers for IAM Entities in Using
+      #   AWS Identity and Access Management. This parameter is optional. If it
+      #   is not included, it defaults to a slash (/).
+      # * +:virtual_mfa_device_name+ - *required* - (String) The name of the
+      #   virtual MFA device. Use with path to uniquely identify a virtual MFA
+      #   device.
+      #
+      # === Response Structure:
+      #
+      # * +:virtual_mfa_device+ - (Hash)
+      #   * +:serial_number+ - (String)
+      #   * +:base_32_string_seed+ - (String)
+      #   * +:qr_code_png+ - (String)
+      #   * +:user+ - (Hash)
+      #     * +:path+ - (String)
+      #     * +:user_name+ - (String)
+      #     * +:user_id+ - (String)
+      #     * +:arn+ - (String)
+      #     * +:create_date+ - (Time)
+      #   * +:enable_date+ - (Time)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :create_virtual_mfa_device, 'CreateVirtualMFADevice'
+
+      # Calls the DeactivateMFADevice API operation.
+      # @method deactivate_mfa_device(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user whose MFA
+      #   device you want to deactivate.
+      # * +:serial_number+ - *required* - (String) The serial number that
+      #   uniquely identifies the MFA device. For virtual MFA devices, the
+      #   serial number is the device ARN.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :deactivate_mfa_device, 'DeactivateMFADevice'
+
+      # Calls the DeleteAccessKey API operation.
+      # @method delete_access_key(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - (String) Name of the user whose key you want to
+      #   delete.
+      # * +:access_key_id+ - *required* - (String) The Access Key ID for the
+      #   Access Key ID and Secret Access Key you want to delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_access_key, 'DeleteAccessKey'
+
+      # Calls the DeleteAccountAlias API operation.
+      # @method delete_account_alias(options = {})
+      #
+      # === Options:
+      #
+      # * +:account_alias+ - *required* - (String) Name of the account alias to
+      #   delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_account_alias, 'DeleteAccountAlias'
+
+      # Calls the DeleteAccountPasswordPolicy API operation.
+      # @method delete_account_password_policy(options = {})
+      #
+      # === Options:
+      #
+      # This method accepts no options.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_account_password_policy, 'DeleteAccountPasswordPolicy'
+
+      # Calls the DeleteGroup API operation.
+      # @method delete_group(options = {})
+      #
+      # === Options:
+      #
+      # * +:group_name+ - *required* - (String) Name of the group to delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_group, 'DeleteGroup'
+
+      # Calls the DeleteGroupPolicy API operation.
+      # @method delete_group_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:group_name+ - *required* - (String) Name of the group the policy is
+      #   associated with.
+      # * +:policy_name+ - *required* - (String) Name of the policy document to
+      #   delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_group_policy, 'DeleteGroupPolicy'
+
+      # Calls the DeleteInstanceProfile API operation.
+      # @method delete_instance_profile(options = {})
+      #
+      # === Options:
+      #
+      # * +:instance_profile_name+ - *required* - (String) Name of the instance
+      #   profile to delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_instance_profile, 'DeleteInstanceProfile'
+
+      # Calls the DeleteLoginProfile API operation.
+      # @method delete_login_profile(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user whose password
+      #   you want to delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_login_profile, 'DeleteLoginProfile'
+
+      # Calls the DeleteRole API operation.
+      # @method delete_role(options = {})
+      #
+      # === Options:
+      #
+      # * +:role_name+ - *required* - (String) Name of the role to delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_role, 'DeleteRole'
+
+      # Calls the DeleteRolePolicy API operation.
+      # @method delete_role_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:role_name+ - *required* - (String) Name of the role the policy is
+      #   associated with.
+      # * +:policy_name+ - *required* - (String) Name of the policy document to
+      #   delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_role_policy, 'DeleteRolePolicy'
+
+      # Calls the DeleteServerCertificate API operation.
+      # @method delete_server_certificate(options = {})
+      #
+      # === Options:
+      #
+      # * +:server_certificate_name+ - *required* - (String) The name of the
+      #   server certificate you want to delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_server_certificate, 'DeleteServerCertificate'
+
+      # Calls the DeleteSigningCertificate API operation.
+      # @method delete_signing_certificate(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - (String) Name of the user the signing certificate
+      #   belongs to.
+      # * +:certificate_id+ - *required* - (String) ID of the signing
+      #   certificate to delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_signing_certificate, 'DeleteSigningCertificate'
+
+      # Calls the DeleteUser API operation.
+      # @method delete_user(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user to delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_user, 'DeleteUser'
+
+      # Calls the DeleteUserPolicy API operation.
+      # @method delete_user_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user the policy is
+      #   associated with.
+      # * +:policy_name+ - *required* - (String) Name of the policy document to
+      #   delete.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_user_policy, 'DeleteUserPolicy'
+
+      # Calls the DeleteVirtualMFADevice API operation.
+      # @method delete_virtual_mfa_device(options = {})
+      #
+      # === Options:
+      #
+      # * +:serial_number+ - *required* - (String) The serial number that
+      #   uniquely identifies the MFA device. For virtual MFA devices, the
+      #   serial number is the same as the ARN.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :delete_virtual_mfa_device, 'DeleteVirtualMFADevice'
+
+      # Calls the EnableMFADevice API operation.
+      # @method enable_mfa_device(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user for whom you
+      #   want to enable the MFA device.
+      # * +:serial_number+ - *required* - (String) The serial number that
+      #   uniquely identifies the MFA device. For virtual MFA devices, the
+      #   serial number is the device ARN.
+      # * +:authentication_code_1+ - *required* - (String) An authentication
+      #   code emitted by the device.
+      # * +:authentication_code_2+ - *required* - (String) A subsequent
+      #   authentication code emitted by the device.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :enable_mfa_device, 'EnableMFADevice'
+
+      # Calls the GetAccountPasswordPolicy API operation.
+      # @method get_account_password_policy(options = {})
+      #
+      # === Options:
+      #
+      # This method accepts no options.
+      #
+      # === Response Structure:
+      #
+      # * +:password_policy+ - (Hash)
+      #   * +:minimum_password_length+ - (Integer)
+      #   * +:require_symbols+ - (Boolean)
+      #   * +:require_numbers+ - (Boolean)
+      #   * +:require_uppercase_characters+ - (Boolean)
+      #   * +:require_lowercase_characters+ - (Boolean)
+      #   * +:allow_users_to_change_password+ - (Boolean)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_account_password_policy, 'GetAccountPasswordPolicy'
+
+      # Calls the GetAccountSummary API operation.
+      # @method get_account_summary(options = {})
+      #
+      # === Options:
+      #
+      # This method accepts no options.
+      #
+      # === Response Structure:
+      #
+      # * +:summary_map+ - (Hash<String,Integer>)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_account_summary, 'GetAccountSummary'
+
+      # Calls the GetGroup API operation.
+      # @method get_group(options = {})
+      #
+      # === Options:
+      #
+      # * +:group_name+ - *required* - (String) Name of the group.
+      # * +:marker+ - (String) Use this only when paginating results, and only
+      #   in a subsequent request after you've received a response where the
+      #   results are truncated. Set it to the value of the Marker element in
+      #   the response you just received.
+      # * +:max_items+ - (Integer) Use this only when paginating results to
+      #   indicate the maximum number of user names you want in the response.
+      #   If there are additional user names beyond the maximum you specify,
+      #   the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:group+ - (Hash)
+      #   * +:path+ - (String)
+      #   * +:group_name+ - (String)
+      #   * +:group_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      # * +:users+ - (Array<Hash>)
+      #   * +:path+ - (String)
+      #   * +:user_name+ - (String)
+      #   * +:user_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_group, 'GetGroup'
+
+      # Calls the GetGroupPolicy API operation.
+      # @method get_group_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:group_name+ - *required* - (String) Name of the group the policy is
+      #   associated with.
+      # * +:policy_name+ - *required* - (String) Name of the policy document to
+      #   get.
+      #
+      # === Response Structure:
+      #
+      # * +:group_name+ - (String)
+      # * +:policy_name+ - (String)
+      # * +:policy_document+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_group_policy, 'GetGroupPolicy'
+
+      # Calls the GetInstanceProfile API operation.
+      # @method get_instance_profile(options = {})
+      #
+      # === Options:
+      #
+      # * +:instance_profile_name+ - *required* - (String) Name of the instance
+      #   profile to get information about.
+      #
+      # === Response Structure:
+      #
+      # * +:instance_profile+ - (Hash)
+      #   * +:path+ - (String)
+      #   * +:instance_profile_name+ - (String)
+      #   * +:instance_profile_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      #   * +:roles+ - (Array<Hash>)
+      #     * +:path+ - (String)
+      #     * +:role_name+ - (String)
+      #     * +:role_id+ - (String)
+      #     * +:arn+ - (String)
+      #     * +:create_date+ - (Time)
+      #     * +:assume_role_policy_document+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_instance_profile, 'GetInstanceProfile'
+
+      # Calls the GetLoginProfile API operation.
+      # @method get_login_profile(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user whose login
+      #   profile you want to retrieve.
+      #
+      # === Response Structure:
+      #
+      # * +:login_profile+ - (Hash)
+      #   * +:user_name+ - (String)
+      #   * +:create_date+ - (Time)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_login_profile, 'GetLoginProfile'
+
+      # Calls the GetRole API operation.
+      # @method get_role(options = {})
+      #
+      # === Options:
+      #
+      # * +:role_name+ - *required* - (String) Name of the role to get
+      #   information about.
+      #
+      # === Response Structure:
+      #
+      # * +:role+ - (Hash)
+      #   * +:path+ - (String)
+      #   * +:role_name+ - (String)
+      #   * +:role_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      #   * +:assume_role_policy_document+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_role, 'GetRole'
+
+      # Calls the GetRolePolicy API operation.
+      # @method get_role_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:role_name+ - *required* - (String) Name of the role who the policy
+      #   is associated with.
+      # * +:policy_name+ - *required* - (String) Name of the policy document to
+      #   get.
+      #
+      # === Response Structure:
+      #
+      # * +:role_name+ - (String)
+      # * +:policy_name+ - (String)
+      # * +:policy_document+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_role_policy, 'GetRolePolicy'
+
+      # Calls the GetServerCertificate API operation.
+      # @method get_server_certificate(options = {})
+      #
+      # === Options:
+      #
+      # * +:server_certificate_name+ - *required* - (String) The name of the
+      #   server certificate you want to retrieve information about.
+      #
+      # === Response Structure:
+      #
+      # * +:server_certificate+ - (Hash)
+      #   * +:server_certificate_metadata+ - (Hash)
+      #     * +:path+ - (String)
+      #     * +:server_certificate_name+ - (String)
+      #     * +:server_certificate_id+ - (String)
+      #     * +:arn+ - (String)
+      #     * +:upload_date+ - (Time)
+      #   * +:certificate_body+ - (String)
+      #   * +:certificate_chain+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_server_certificate, 'GetServerCertificate'
+
+      # Calls the GetUser API operation.
+      # @method get_user(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - (String) Name of the user to get information about.
+      #   This parameter is optional. If it is not included, it defaults to the
+      #   user making the request.
+      #
+      # === Response Structure:
+      #
+      # * +:user+ - (Hash)
+      #   * +:path+ - (String)
+      #   * +:user_name+ - (String)
+      #   * +:user_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_user, 'GetUser'
+
+      # Calls the GetUserPolicy API operation.
+      # @method get_user_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user who the policy
+      #   is associated with.
+      # * +:policy_name+ - *required* - (String) Name of the policy document to
+      #   get.
+      #
+      # === Response Structure:
+      #
+      # * +:user_name+ - (String)
+      # * +:policy_name+ - (String)
+      # * +:policy_document+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :get_user_policy, 'GetUserPolicy'
+
+      # Calls the ListAccessKeys API operation.
+      # @method list_access_keys(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - (String) Name of the user.
+      # * +:marker+ - (String) Use this parameter only when paginating results,
+      #   and only in a subsequent request after you've received a response
+      #   where the results are truncated. Set it to the value of the Marker
+      #   element in the response you just received.
+      # * +:max_items+ - (Integer) Use this parameter only when paginating
+      #   results to indicate the maximum number of keys you want in the
+      #   response. If there are additional keys beyond the maximum you
+      #   specify, the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:access_key_metadata+ - (Array<Hash>)
+      #   * +:user_name+ - (String)
+      #   * +:access_key_id+ - (String)
+      #   * +:status+ - (String)
+      #   * +:create_date+ - (Time)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_access_keys, 'ListAccessKeys'
+
+      # Calls the ListAccountAliases API operation.
+      # @method list_account_aliases(options = {})
+      #
+      # === Options:
+      #
+      # * +:marker+ - (String) Use this only when paginating results, and only
+      #   in a subsequent request after you've received a response where the
+      #   results are truncated. Set it to the value of the Marker element in
+      #   the response you just received.
+      # * +:max_items+ - (Integer) Use this only when paginating results to
+      #   indicate the maximum number of account aliases you want in the
+      #   response. If there are additional account aliases beyond the maximum
+      #   you specify, the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:account_aliases+ - (Array<String>)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_account_aliases, 'ListAccountAliases'
+
+      # Calls the ListGroupPolicies API operation.
+      # @method list_group_policies(options = {})
+      #
+      # === Options:
+      #
+      # * +:group_name+ - *required* - (String) The name of the group to list
+      #   policies for.
+      # * +:marker+ - (String) Use this only when paginating results, and only
+      #   in a subsequent request after you've received a response where the
+      #   results are truncated. Set it to the value of the Marker element in
+      #   the response you just received.
+      # * +:max_items+ - (Integer) Use this only when paginating results to
+      #   indicate the maximum number of policy names you want in the response.
+      #   If there are additional policy names beyond the maximum you specify,
+      #   the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:policy_names+ - (Array<String>)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_group_policies, 'ListGroupPolicies'
+
+      # Calls the ListGroups API operation.
+      # @method list_groups(options = {})
+      #
+      # === Options:
+      #
+      # * +:path_prefix+ - (String) The path prefix for filtering the results.
+      #   For example: /division_abc/subdivision_xyz/, which would get all
+      #   groups whose path starts with /division_abc/subdivision_xyz/. This
+      #   parameter is optional. If it is not included, it defaults to a slash
+      #   (/), listing all groups.
+      # * +:marker+ - (String) Use this only when paginating results, and only
+      #   in a subsequent request after you've received a response where the
+      #   results are truncated. Set it to the value of the Marker element in
+      #   the response you just received.
+      # * +:max_items+ - (Integer) Use this only when paginating results to
+      #   indicate the maximum number of groups you want in the response. If
+      #   there are additional groups beyond the maximum you specify, the
+      #   IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:groups+ - (Array<Hash>)
+      #   * +:path+ - (String)
+      #   * +:group_name+ - (String)
+      #   * +:group_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_groups, 'ListGroups'
+
+      # Calls the ListGroupsForUser API operation.
+      # @method list_groups_for_user(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) The name of the user to list
+      #   groups for.
+      # * +:marker+ - (String) Use this only when paginating results, and only
+      #   in a subsequent request after you've received a response where the
+      #   results are truncated. Set it to the value of the Marker element in
+      #   the response you just received.
+      # * +:max_items+ - (Integer) Use this only when paginating results to
+      #   indicate the maximum number of groups you want in the response. If
+      #   there are additional groups beyond the maximum you specify, the
+      #   IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:groups+ - (Array<Hash>)
+      #   * +:path+ - (String)
+      #   * +:group_name+ - (String)
+      #   * +:group_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_groups_for_user, 'ListGroupsForUser'
+
+      # Calls the ListInstanceProfiles API operation.
+      # @method list_instance_profiles(options = {})
+      #
+      # === Options:
+      #
+      # * +:path_prefix+ - (String) The path prefix for filtering the results.
+      #   For example: /application_abc/component_xyz/, which would get all
+      #   instance profiles whose path starts with
+      #   /application_abc/component_xyz/. This parameter is optional. If it is
+      #   not included, it defaults to a slash (/), listing all instance
+      #   profiles.
+      # * +:marker+ - (String) Use this parameter only when paginating results,
+      #   and only in a subsequent request after you've received a response
+      #   where the results are truncated. Set it to the value of the Marker
+      #   element in the response you just received.
+      # * +:max_items+ - (Integer) Use this parameter only when paginating
+      #   results to indicate the maximum number of user names you want in the
+      #   response. If there are additional user names beyond the maximum you
+      #   specify, the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:instance_profiles+ - (Array<Hash>)
+      #   * +:path+ - (String)
+      #   * +:instance_profile_name+ - (String)
+      #   * +:instance_profile_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      #   * +:roles+ - (Array<Hash>)
+      #     * +:path+ - (String)
+      #     * +:role_name+ - (String)
+      #     * +:role_id+ - (String)
+      #     * +:arn+ - (String)
+      #     * +:create_date+ - (Time)
+      #     * +:assume_role_policy_document+ - (String)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_instance_profiles, 'ListInstanceProfiles'
+
+      # Calls the ListInstanceProfilesForRole API operation.
+      # @method list_instance_profiles_for_role(options = {})
+      #
+      # === Options:
+      #
+      # * +:role_name+ - *required* - (String) The name of the role to list
+      #   instance profiles for.
+      # * +:marker+ - (String) Use this parameter only when paginating results,
+      #   and only in a subsequent request after you've received a response
+      #   where the results are truncated. Set it to the value of the Marker
+      #   element in the response you just received.
+      # * +:max_items+ - (Integer) Use this parameter only when paginating
+      #   results to indicate the maximum number of user names you want in the
+      #   response. If there are additional user names beyond the maximum you
+      #   specify, the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:instance_profiles+ - (Array<Hash>)
+      #   * +:path+ - (String)
+      #   * +:instance_profile_name+ - (String)
+      #   * +:instance_profile_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      #   * +:roles+ - (Array<Hash>)
+      #     * +:path+ - (String)
+      #     * +:role_name+ - (String)
+      #     * +:role_id+ - (String)
+      #     * +:arn+ - (String)
+      #     * +:create_date+ - (Time)
+      #     * +:assume_role_policy_document+ - (String)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_instance_profiles_for_role, 'ListInstanceProfilesForRole'
+
+      # Calls the ListMFADevices API operation.
+      # @method list_mfa_devices(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - (String) Name of the user whose MFA devices you want
+      #   to list.
+      # * +:marker+ - (String) Use this only when paginating results, and only
+      #   in a subsequent request after you've received a response where the
+      #   results are truncated. Set it to the value of the Marker element in
+      #   the response you just received.
+      # * +:max_items+ - (Integer) Use this only when paginating results to
+      #   indicate the maximum number of MFA devices you want in the response.
+      #   If there are additional MFA devices beyond the maximum you specify,
+      #   the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:mfa_devices+ - (Array<Hash>)
+      #   * +:user_name+ - (String)
+      #   * +:serial_number+ - (String)
+      #   * +:enable_date+ - (Time)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_mfa_devices, 'ListMFADevices'
+
+      # Calls the ListRolePolicies API operation.
+      # @method list_role_policies(options = {})
+      #
+      # === Options:
+      #
+      # * +:role_name+ - *required* - (String) The name of the role to list
+      #   policies for.
+      # * +:marker+ - (String) Use this parameter only when paginating results,
+      #   and only in a subsequent request after you've received a response
+      #   where the results are truncated. Set it to the value of the Marker
+      #   element in the response you just received.
+      # * +:max_items+ - (Integer) Use this parameter only when paginating
+      #   results to indicate the maximum number of user names you want in the
+      #   response. If there are additional user names beyond the maximum you
+      #   specify, the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:policy_names+ - (Array<String>)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_role_policies, 'ListRolePolicies'
+
+      # Calls the ListRoles API operation.
+      # @method list_roles(options = {})
+      #
+      # === Options:
+      #
+      # * +:path_prefix+ - (String) The path prefix for filtering the results.
+      #   For example: /application_abc/component_xyz/, which would get all
+      #   roles whose path starts with /application_abc/component_xyz/. This
+      #   parameter is optional. If it is not included, it defaults to a slash
+      #   (/), listing all roles.
+      # * +:marker+ - (String) Use this parameter only when paginating results,
+      #   and only in a subsequent request after you've received a response
+      #   where the results are truncated. Set it to the value of the Marker
+      #   element in the response you just received.
+      # * +:max_items+ - (Integer) Use this parameter only when paginating
+      #   results to indicate the maximum number of user names you want in the
+      #   response. If there are additional user names beyond the maximum you
+      #   specify, the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:roles+ - (Array<Hash>)
+      #   * +:path+ - (String)
+      #   * +:role_name+ - (String)
+      #   * +:role_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      #   * +:assume_role_policy_document+ - (String)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_roles, 'ListRoles'
+
+      # Calls the ListServerCertificates API operation.
+      # @method list_server_certificates(options = {})
+      #
+      # === Options:
+      #
+      # * +:path_prefix+ - (String) The path prefix for filtering the results.
+      #   For example: /company/servercerts would get all server certificates
+      #   for which the path starts with /company/servercerts. This parameter
+      #   is optional. If it is not included, it defaults to a slash (/),
+      #   listing all server certificates.
+      # * +:marker+ - (String) Use this only when paginating results, and only
+      #   in a subsequent request after you've received a response where the
+      #   results are truncated. Set it to the value of the Marker element in
+      #   the response you just received.
+      # * +:max_items+ - (Integer) Use this only when paginating results to
+      #   indicate the maximum number of server certificates you want in the
+      #   response. If there are additional server certificates beyond the
+      #   maximum you specify, the IsTruncated response element will be set to
+      #   +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:server_certificate_metadata_list+ - (Array<Hash>)
+      #   * +:path+ - (String)
+      #   * +:server_certificate_name+ - (String)
+      #   * +:server_certificate_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:upload_date+ - (Time)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_server_certificates, 'ListServerCertificates'
+
+      # Calls the ListSigningCertificates API operation.
+      # @method list_signing_certificates(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - (String) The name of the user.
+      # * +:marker+ - (String) Use this only when paginating results, and only
+      #   in a subsequent request after you've received a response where the
+      #   results are truncated. Set it to the value of the Marker element in
+      #   the response you just received.
+      # * +:max_items+ - (Integer) Use this only when paginating results to
+      #   indicate the maximum number of certificate IDs you want in the
+      #   response. If there are additional certificate IDs beyond the maximum
+      #   you specify, the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:certificates+ - (Array<Hash>)
+      #   * +:user_name+ - (String)
+      #   * +:certificate_id+ - (String)
+      #   * +:certificate_body+ - (String)
+      #   * +:status+ - (String)
+      #   * +:upload_date+ - (Time)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_signing_certificates, 'ListSigningCertificates'
+
+      # Calls the ListUserPolicies API operation.
+      # @method list_user_policies(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) The name of the user to list
+      #   policies for.
+      # * +:marker+ - (String) Use this only when paginating results, and only
+      #   in a subsequent request after you've received a response where the
+      #   results are truncated. Set it to the value of the Marker element in
+      #   the response you just received.
+      # * +:max_items+ - (Integer) Use this only when paginating results to
+      #   indicate the maximum number of policy names you want in the response.
+      #   If there are additional policy names beyond the maximum you specify,
+      #   the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:policy_names+ - (Array<String>)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_user_policies, 'ListUserPolicies'
+
+      # Calls the ListUsers API operation.
+      # @method list_users(options = {})
+      #
+      # === Options:
+      #
+      # * +:path_prefix+ - (String) The path prefix for filtering the results.
+      #   For example: /division_abc/subdivision_xyz/, which would get all user
+      #   names whose path starts with /division_abc/subdivision_xyz/. This
+      #   parameter is optional. If it is not included, it defaults to a slash
+      #   (/), listing all user names.
+      # * +:marker+ - (String) Use this parameter only when paginating results,
+      #   and only in a subsequent request after you've received a response
+      #   where the results are truncated. Set it to the value of the Marker
+      #   element in the response you just received.
+      # * +:max_items+ - (Integer) Use this parameter only when paginating
+      #   results to indicate the maximum number of user names you want in the
+      #   response. If there are additional user names beyond the maximum you
+      #   specify, the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:users+ - (Array<Hash>)
+      #   * +:path+ - (String)
+      #   * +:user_name+ - (String)
+      #   * +:user_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:create_date+ - (Time)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_users, 'ListUsers'
+
+      # Calls the ListVirtualMFADevices API operation.
+      # @method list_virtual_mfa_devices(options = {})
+      #
+      # === Options:
+      #
+      # * +:assignment_status+ - (String) The status (unassigned or assigned)
+      #   of the devices to list. If you do not specify an AssignmentStatus,
+      #   the action defaults to Any which lists both assigned and unassigned
+      #   virtual MFA devices.
+      # * +:marker+ - (String) Use this parameter only when paginating results,
+      #   and only in a subsequent request after you've received a response
+      #   where the results are truncated. Set it to the value of the Marker
+      #   element in the response you just received.
+      # * +:max_items+ - (Integer) Use this parameter only when paginating
+      #   results to indicate the maximum number of user names you want in the
+      #   response. If there are additional user names beyond the maximum you
+      #   specify, the IsTruncated response element is +true+ .
+      #
+      # === Response Structure:
+      #
+      # * +:virtual_mfa_devices+ - (Array<Hash>)
+      #   * +:serial_number+ - (String)
+      #   * +:base_32_string_seed+ - (String)
+      #   * +:qr_code_png+ - (String)
+      #   * +:user+ - (Hash)
+      #     * +:path+ - (String)
+      #     * +:user_name+ - (String)
+      #     * +:user_id+ - (String)
+      #     * +:arn+ - (String)
+      #     * +:create_date+ - (Time)
+      #   * +:enable_date+ - (Time)
+      # * +:is_truncated+ - (Boolean)
+      # * +:marker+ - (String)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :list_virtual_mfa_devices, 'ListVirtualMFADevices'
+
+      # Calls the PutGroupPolicy API operation.
+      # @method put_group_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:group_name+ - *required* - (String) Name of the group to associate
+      #   the policy with.
+      # * +:policy_name+ - *required* - (String) Name of the policy document.
+      # * +:policy_document+ - *required* - (String) The policy document.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :put_group_policy, 'PutGroupPolicy'
+
+      # Calls the PutRolePolicy API operation.
+      # @method put_role_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:role_name+ - *required* - (String) Name of the role to associate
+      #   the policy with.
+      # * +:policy_name+ - *required* - (String) Name of the policy document.
+      # * +:policy_document+ - *required* - (String) The policy document.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :put_role_policy, 'PutRolePolicy'
+
+      # Calls the PutUserPolicy API operation.
+      # @method put_user_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user to associate
+      #   the policy with.
+      # * +:policy_name+ - *required* - (String) Name of the policy document.
+      # * +:policy_document+ - *required* - (String) The policy document.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :put_user_policy, 'PutUserPolicy'
+
+      # Calls the RemoveRoleFromInstanceProfile API operation.
+      # @method remove_role_from_instance_profile(options = {})
+      #
+      # === Options:
+      #
+      # * +:instance_profile_name+ - *required* - (String) Name of the instance
+      #   profile to update.
+      # * +:role_name+ - *required* - (String) Name of the role to remove.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :remove_role_from_instance_profile, 'RemoveRoleFromInstanceProfile'
+
+      # Calls the RemoveUserFromGroup API operation.
+      # @method remove_user_from_group(options = {})
+      #
+      # === Options:
+      #
+      # * +:group_name+ - *required* - (String) Name of the group to update.
+      # * +:user_name+ - *required* - (String) Name of the user to remove.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :remove_user_from_group, 'RemoveUserFromGroup'
+
+      # Calls the ResyncMFADevice API operation.
+      # @method resync_mfa_device(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user whose MFA
+      #   device you want to resynchronize.
+      # * +:serial_number+ - *required* - (String) Serial number that uniquely
+      #   identifies the MFA device.
+      # * +:authentication_code_1+ - *required* - (String) An authentication
+      #   code emitted by the device.
+      # * +:authentication_code_2+ - *required* - (String) A subsequent
+      #   authentication code emitted by the device.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :resync_mfa_device, 'ResyncMFADevice'
+
+      # Calls the UpdateAccessKey API operation.
+      # @method update_access_key(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - (String) Name of the user whose key you want to
+      #   update.
+      # * +:access_key_id+ - *required* - (String) The Access Key ID of the
+      #   Secret Access Key you want to update.
+      # * +:status+ - *required* - (String) The status you want to assign to
+      #   the Secret Access Key. Active means the key can be used for API calls
+      #   to AWS, while Inactive means the key cannot be used.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :update_access_key, 'UpdateAccessKey'
+
+      # Calls the UpdateAccountPasswordPolicy API operation.
+      # @method update_account_password_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:minimum_password_length+ - (Integer)
+      # * +:require_symbols+ - (Boolean)
+      # * +:require_numbers+ - (Boolean)
+      # * +:require_uppercase_characters+ - (Boolean)
+      # * +:require_lowercase_characters+ - (Boolean)
+      # * +:allow_users_to_change_password+ - (Boolean)
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :update_account_password_policy, 'UpdateAccountPasswordPolicy'
+
+      # Calls the UpdateAssumeRolePolicy API operation.
+      # @method update_assume_role_policy(options = {})
+      #
+      # === Options:
+      #
+      # * +:role_name+ - *required* - (String) Name of the role to update.
+      # * +:policy_document+ - *required* - (String) The policy govering by who
+      #   and under what conditions the role can be assumed.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :update_assume_role_policy, 'UpdateAssumeRolePolicy'
+
+      # Calls the UpdateGroup API operation.
+      # @method update_group(options = {})
+      #
+      # === Options:
+      #
+      # * +:group_name+ - *required* - (String) Name of the group to update. If
+      #   you're changing the name of the group, this is the original name.
+      # * +:new_path+ - (String) New path for the group. Only include this if
+      #   changing the group's path.
+      # * +:new_group_name+ - (String) New name for the group. Only include
+      #   this if changing the group's name.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :update_group, 'UpdateGroup'
+
+      # Calls the UpdateLoginProfile API operation.
+      # @method update_login_profile(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user whose password
+      #   you want to update.
+      # * +:password+ - (String) The new password for the user name.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :update_login_profile, 'UpdateLoginProfile'
+
+      # Calls the UpdateServerCertificate API operation.
+      # @method update_server_certificate(options = {})
+      #
+      # === Options:
+      #
+      # * +:server_certificate_name+ - *required* - (String) The name of the
+      #   server certificate that you want to update.
+      # * +:new_path+ - (String) The new path for the server certificate.
+      #   Include this only if you are updating the server certificate's path.
+      # * +:new_server_certificate_name+ - (String) The new name for the server
+      #   certificate. Include this only if you are updating the server
+      #   certificate's name.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :update_server_certificate, 'UpdateServerCertificate'
+
+      # Calls the UpdateSigningCertificate API operation.
+      # @method update_signing_certificate(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - (String) Name of the user the signing certificate
+      #   belongs to.
+      # * +:certificate_id+ - *required* - (String) The ID of the signing
+      #   certificate you want to update.
+      # * +:status+ - *required* - (String) The status you want to assign to
+      #   the certificate. Active means the certificate can be used for API
+      #   calls to AWS, while Inactive means the certificate cannot be used.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :update_signing_certificate, 'UpdateSigningCertificate'
+
+      # Calls the UpdateUser API operation.
+      # @method update_user(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - *required* - (String) Name of the user to update. If
+      #   you're changing the name of the user, this is the original user name.
+      # * +:new_path+ - (String) New path for the user. Include this parameter
+      #   only if you're changing the user's path.
+      # * +:new_user_name+ - (String) New name for the user. Include this
+      #   parameter only if you're changing the user's name.
+      #
+      # === Response Structure:
+      #
+      # This method returns no response data.
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :update_user, 'UpdateUser'
+
+      # Calls the UploadServerCertificate API operation.
+      # @method upload_server_certificate(options = {})
+      #
+      # === Options:
+      #
+      # * +:path+ - (String) The path for the server certificate. For more
+      #   information about paths, see Identifiers for IAM Entities in Using
+      #   AWS Identity and Access Management. This parameter is optional. If it
+      #   is not included, it defaults to a slash (/).
+      # * +:server_certificate_name+ - *required* - (String) The name for the
+      #   server certificate. Do not include the path in this value.
+      # * +:certificate_body+ - *required* - (String) The contents of the
+      #   public key certificate in PEM-encoded format.
+      # * +:private_key+ - *required* - (String) The contents of the private
+      #   key in PEM-encoded format.
+      # * +:certificate_chain+ - (String) The contents of the certificate
+      #   chain. This is typically a concatenation of the PEM-encoded public
+      #   key certificates of the chain.
+      #
+      # === Response Structure:
+      #
+      # * +:server_certificate_metadata+ - (Hash)
+      #   * +:path+ - (String)
+      #   * +:server_certificate_name+ - (String)
+      #   * +:server_certificate_id+ - (String)
+      #   * +:arn+ - (String)
+      #   * +:upload_date+ - (Time)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :upload_server_certificate, 'UploadServerCertificate'
+
+      # Calls the UploadSigningCertificate API operation.
+      # @method upload_signing_certificate(options = {})
+      #
+      # === Options:
+      #
+      # * +:user_name+ - (String) Name of the user the signing certificate is
+      #   for.
+      # * +:certificate_body+ - *required* - (String) The contents of the
+      #   signing certificate.
+      #
+      # === Response Structure:
+      #
+      # * +:certificate+ - (Hash)
+      #   * +:user_name+ - (String)
+      #   * +:certificate_id+ - (String)
+      #   * +:certificate_body+ - (String)
+      #   * +:status+ - (String)
+      #   * +:upload_date+ - (Time)
+      #
+      # @return [Core::Response]
+      #
+      define_client_method :upload_signing_certificate, 'UploadSigningCertificate'
+
+      ## end client methods ##
+
+    end
+  end
+end